The Hacker News — Cyber Security, Hacking, Technology News

The 2014 Yahoo hack, which was disclosed late last year and compromised over 500 million Yahoo user accounts, was believed to have been carried out by a state-sponsored hacking group.

Now, two Russian intelligence officers and two criminal hackers have been charged by the US government in connection with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts, the Department of Justice announced Wednesday.

According to the prosecutors, at least 30 million accounts were accessed as part of a spam campaign to access the email contents of thousands of people, including journalists, government officials, and technology company employees.

The four defendants, two officers from the Russian Federal Security Service (FSB) and two other hackers, are identified as:

Dmitry Aleksandrovich Dokuchaev, 33 — an officer in the FSB Center for Information Security at the time of the hack, and now Russian national and resident.

Igor Anatolyevich Sushchin, 43 — an FSB officer, a superior to Dokuchaev within the FSB, and Russian national and resident.

Alexsey Alexseyevich Belan, aka "Magg," 29 — a Russian national and resident, who has been on the FBI’s Most Wanted Hackers list and indicted twice in 2012 and 2013 by U.S. Federal grand juries for hacking and fraud charges.

Karim Baratov, aka "Kay," "Karim Taloverov" and "Karim Akehmet Tokbergenov," 22 — a Canadian and Kazakh national and a resident of Canada.

In a 38-page indictment [PDF] unsealed Wednesday, the prosecutors said the two Russian spies worked with two other hackers to break into Yahoo, gaining initial access in early 2014.

Belan, who is on the FBI's most-wanted cybercriminals list, used the file transfer protocol (FTP) to download the Yahoo database, containing usernames, recovery e-mail accounts, phone numbers as well as "certain information required to manually create, or "mint," account authentication web browser “cookies” for more than 500 million Yahoo accounts."

The spies then used the stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including those of Russian and American officials, Russian journalists, employees of financial services and other businesses.

The charges are officially listed as:

Conspiring to commit computer fraud and abuse

Conspiring to engage in and the theft of trade secrets

Conspiring to engage in and committing economic espionage

Conspiring to commit wire fraud

Counterfeit access device fraud

Counterfeit access device making equipment

Aggravated identity theft

Transmitting code with the intent to cause damage to computers

Unauthorized access to a computer for obtaining information for commercial advantage and private financial gain

Baratov was arrested on Tuesday by the Toronto Police Department, while Belan and the two FSB officers are in Russia. The United States has requested that all three be handed over to face charges, but the US has no extradition treaty with Russia.

A Russian computer hacker wanted by the FBI on hacking allegations was arrested and jailed in Spain earlier this week, while a decision on his extradition to the United States has yet to be made.

Officers of the Guardia Civil, a Spanish law enforcement agency, detained 32-year-old Stanislav Lisov at Barcelona–El Prat Airport based on an international arrest warrant issued by Interpol at the request of the FBI.

Lisov was arrested on suspicion of creating and operating the NeverQuest banking Trojan, a nasty piece of malware that targeted financial institutions across the world and caused an estimated $5 Million in damage.

The arrest was made after U.S. intelligence agencies found that Russian hackers were behind the November 2016 election hacks that possibly influenced the presidential election in Donald Trump's favor.

However, Spanish police made an official statement, saying that the FBI had requested the arrest of Lisov after an investigation that started in 2014.

The Trojan, which spreads itself via social media, email and file transfer protocols, can modify content on banking websites and inject rogue forms into these sites, allowing attackers to steal login credentials from users.

NeverQuest can also allow malicious attackers to take control of a compromised computer through a Virtual Network Computing (VNC) server and then use those computers to log into the victim’s online bank and perform the theft.

"A thorough investigation of the servers operated by Lisov in France and Germany revealed databases with stolen lists of information from accounts of financial institutions, with data indicating, among other things, account balances," the Spanish Civil Guard said Friday.

"One of the servers leased by Lisov contained files with millions of login credentials, including usernames, passwords, and security questions and answers, for the bank and financial website accounts."

Lisov reportedly works as a systems administrator and website developer for a local company in Taganrog, Russia.

The Russian hacker is being held under observation by authorities in the north-eastern region of Catalonia before Spain's High Court decides whether to extradite him to the United States.

The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev, one of the most wanted hacking suspects, who is accused of stealing hundreds of millions of dollars with his malware.

This is the highest bounty U.S. authorities have ever offered in a cyber case. According to the bureau, the 30-year-old Russian man is the alleged leader of a cybercriminal group that developed the GameOver Zeus botnet.

STOLE MORE THAN $100 MILLION

Evgeniy Mikhailovich Bogachev, also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," was the mastermind behind the GameOver Zeus botnet, which was allegedly used by cybercriminals to infect more than 1 Million computers and resulted in more than $100 Million in losses since 2011.

Once installed on a target system, GameOver Zeus makes fraudulent transactions from online bank accounts. It can also conduct Distributed Denial of Service (DDoS) attacks using a botnet, in which multiple computers flood the financial institution’s server with traffic in an effort to deny legitimate users access to the site.

SAME MASTERMIND BEHIND CRYPTOLOCKER

Beyond the GameOver Zeus botnet, the suspect is also accused of masterminding the CryptoLocker ransomware, which is designed to extort money from computer users by holding their files hostage until they pay a ransom fee to get them back.

CryptoLocker encrypts victims' hard drives with strong 256-bit AES encryption before it demands money. The ransomware was widely distributed on the Gameover ZeuS botnet and, as a result, has infected hundreds and thousands of computers.

The Gameover ZeuS botnet was disrupted by the feds last year but remains operational. "Although we were able to significantly disrupt the Gameover ZeuS and Cryptolocker criminal enterprise, we have not yet brought Bogachev himself to justice," Assistant Attorney General Leslie Caldwell said in a statement.

MOST WANTED CRIMINAL

Joseph Demarest Jr., assistant director of the FBI's cyber division, described Bogachev as both "one of the world's worst" and "brilliant at what he did." The authorities charged Bogachev with conspiracy, computer hacking, wire fraud, bank fraud and money laundering under a 14-count indictment last year.

"We are turning to the world again for assistance in locating Bogachev," said FBI assistant director Joseph Demarest. "While he is known to reside in Russia, he may travel. With this $3 million reward incentive, someone, somewhere may see him and let the authorities know his whereabouts."

CALL THE FBI FOR A $3 MILLION REWARD

In appearance, Bogachev is 5'9" tall, weighs around 180lbs, and has brown eyes and brown hair. He was last seen in the Russian seaside resort of Anapa. He is believed to be still in Russia, although "he may travel," according to authorities.

Bogachev is on the FBI’s Most Wanted cyber list. Anyone spotting him and wishing to be rewarded by the Federal Bureau of Investigation can call the feds at 1-800-225-5324, or can do the same online by visiting tips.fbi.gov.

The US Federal Bureau of Investigation has added five new hackers to its Cyber most wanted list and is seeking information from the public regarding their whereabouts.

The men are wanted in connection with hacking and fraud crimes both within the US as well as internationally. Rewards ranging from up to $50,000 to $100,000 are being offered for information that leads to their arrest.

Two of them are Pakistani, Farnhan Arshad and Noor Aziz Uddin, who caused over $50 million in damage by hacking business telephone systems between 2008 and 2012. Arshad and Uddin are part of an international criminal ring that the FBI believes extends into Pakistan, the Philippines, Saudi Arabia, Switzerland, Spain, Singapore, Italy, Malaysia, and other locations.

Syrian national Andrey Nabilevich Taame is wanted for his alleged role in Operation Ghost Click, a malware scheme that compromised more than four million computers in more than 100 countries between 2007 and October 2011; there were at least 500,000 victims in the United States alone.

Alexsey Belan, a Russian national, is wanted for alleged hacking of three US-based companies between 2012 and 2013.

Carlos Perez-Melara is wanted for his alleged involvement in manufacturing software that was used to intercept the private communications of hundreds of victims around September 2003. As part of the scheme, Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending “spyware” disguised as an electronic greeting card.

The rewards are being offered for each of the five fugitives, all of whom are believed to be living outside the U.S.

"The expansion of the Cyber’s Most Wanted list is a reflection of the FBI’s increased efforts in this area," FBI officials said in a statement.
